Online File Storage RFQQ Appendix E, Requirements and Pricing RFQ 04113 – Online File Storage Services Mandatory Pass/Fail Technical Requirements (Round 1) Requirements are grouped into broad business need categories. These business needs are described in more detail in the Demonstration Instruction section . By Checking the boxes below the Bidder signifies they have completely read, understood and after consideration concluded the offered service complies fully with the stated requirement. # MANDATORY REQUIREMENTS VENDOR HAS READ, UNDERSTANDS AND WILL COMPLY Business Need: USER EXPERIENCE 1 Solution must allow authorized non-technical users to invite collaborators to access/share files, grant access privileges to collaborators, and create files/folders without requiring/contacting technical support. Complies 2 Solution must provide the ability to upload and sync files across local computer, cloud via browser, and mobile app. Complies Business Need: CENTRAL ACCOUNT ADMIN 3 Solution must allow each agency to centrally administer all of its user accounts, files and folders through its own agency administrators Complies Solution must provide the ability for delegated administration on an agency by agency basis. Complies Business Need: IT SECURITY 4 Solution must support and enforce strong passwords (containing at least 8 characters Complies Page | 1 21 July 2022

Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Embed Size (px)

Citation preview

Page 1: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Appendix E, Requirements and Pricing

RFQ 04113 – Online File Storage Services

Mandatory Pass/Fail Technical Requirements (Round 1)

Requirements are grouped into broad business need categories. These business needs are described in more detail in the Demonstration Instruction section . By Checking the boxes below the Bidder signifies they have completely read, understood and after consideration concluded the offered service complies fully with the stated requirement.





Solution must allow authorized non-technical users to invite collaborators to access/share files, grant access privileges to collaborators, and create files/folders without requiring/contacting technical support.


2 Solution must provide the ability to upload and sync files across local computer, cloud via browser, and mobile app. Complies


3Solution must allow each agency to centrally administer all of its user accounts, files and folders through its own agency administrators

Complies Solution must provide the ability for delegated administration on an agency by agency basis. Complies

Business Need: IT SECURITY4 Solution must support and enforce strong passwords (containing

at least 8 characters and any three of the following: alphanumerics, upper and lower case, numeric, and special characters)

Complies 5

Solution must provide role-based access to files and folders. Complies Business Need: VENDOR QUALIFICATIONS

6 Vendor’s revenue (for past 12 months) from online file storage services and products must exceed $2 million. Complies

Page | 1 15 May 2023

Page 2: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Appendix E, Requirements and Pricing

RFQ 04113 - Online File Storage Services

Mandatory Scored Technical Requirements (Round 1)For Mandatory Scored (MS) requirements, the Vendor Response must indicate explicitly whether or not the Vendor's proposed Solution meets the requirement. Responses without an adequate description of how the vendor fully meets the requirement will be scored as not meeting the requirement.

Requirements are grouped into broad business need categories. These business needs are described in more detail in the Demonstration Instruction section below.

For each requirement more points will be awarded to vendor responses that: 1) fulfill the stated requirement, and 2) provide more convenience, timeliness, ease of use, or capability to better satisfy the requirement or one or more of the business needs detailed in the Demonstration Instruction section. Any response that does not satisfy a requirement will receive a 0 score and will result in Bidder disqualification for this procurement.

# Function

Business Need: CENTRAL ACCOUNT ADMINMS1 Describe in detail the solution’s delegation model for central administration, including how

many levels of administrators can be supported. The state prefers solutions that provide multiple and nested levels of administrators to accommodate varying requirements in parts of agencies.

MS2 Describe solution’s ability to allow each agency to set and enforce security, access, or other policies, including password policies, specific to that agency.

MS3 Describe solution’s ability to manage and enforce security, access, or other policies by groups of users within the agency. The state prefers solutions that provide multiple and nested levels for policy management and enforcement (user, group, division, agency, etc.) to accommodate varying requirements in parts of agencies.

MS4 Describe solution’s ability for an agency administrator to remove files/folders from one or more of its user accounts.

MS5 Describe solution’s ability for an agency administrator to remove user access to files/folders for one of its users (retaining access by administrators if/as necessary)

MS6 Describe solution’s ability for an agency administrator to search across all of that agency’s user accounts, files, and folders on the online service. The state prefers solutions that will also enable administrator search across synced desktop computers and mobile devices associated with the agency

Business Need: IT SECURITYMS7 Describe solution’s ability to functionally protect and isolate one agency’s data from other

agencies and other customers of the solution (multi-tenant isolation model).MS8 Describe how the solution integrates with Microsoft Windows Active Directory through

Active Directory Federation Services (ADFS) 2.0 and above.

MS9 Describe the ability for the solution and the agency to control and monitor vendor’s access

Page | 2 15 May 2023

Page 3: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

to the agency’s data.MS10 Describe solution’s ability to securely transmit data (including encryption in transit).

MS12 Describe how intrusion detection and malware filtering functionality protects the solution and agency data.

MS13 Describe what periodic security assessments are performed that review and verify effectiveness of security controls. Examples include vulnerability assessments, penetration tests, and system code analysis. A higher preference is given when independent third parties perform this work rather than internal vendor staff.

MS14 Describe how tools and processes are used in the software development lifecycle to prevent application security vulnerabilities in the solution.

MS15 Describe solution’s ability to use layered security controls to prevent OWASP top 10 attacks.

Business Need: RECORDS MANAGEMENTMS16 Describe solution’s ability to log and support log review of administrator and user activity.

MS17 Describe solution’s ability to log file revision history; this includes who has viewed, downloaded, modified, or synced a file

Business Need: ARCHITECTUREMS18 Describe the solution’s implementation for high availability, backup, redundancy and

disaster recovery. Describe the security over these features if not described in the security section above. Include description of backup frequency, recovery capabilities and periodic testing of backup/recovery solutions.

Business Need: TERMS AND CONDITIONSMS19 Describe how the solution ensures that State Data is not stored or transferred outside the

United States except to allow authorized users outside the United States to access State Data. In exception case, describe how data is protected from unauthorized access, disclosure, or tampering.

Appendix E, Requirements and Pricing

Page | 3 15 May 2023

Page 4: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

RFQ 04113 - IT Funding and Financial Analysis

Desirable Scored Capability (Round 1)

For Desirable Scored (DS) capabilities, the Vendor Response should always indicate explicitly whether or not the Vendor's proposed Devices or Related Services provide the desired functionality, and describe how the proposed Vendor’s Devices or Related Services do so.

Desirable scored capabilities are grouped into broad business need categories. These business needs are described in more detail in the Demonstration Instruction section below.

For each desirable scored capability more points will be awarded to vendor responses that: 1) fulfill the stated functionality, and 2) provide more convenience, timeliness, ease of use, or capability to better satisfy the function or one or more of the business needs detailed in the Demonstration Instruction section.

# Function

Business Need: USER EXPERIENCEDS1 Describe the solution’s ability to support, through a local application, at least two mobile OS

platforms. More points will be awarded to dominant mobile OS platforms in the marketplace, such as at the time of this writing, Android and IOS.

DS2 Which web browsers is solution compatible with?

DS3 Does solution offer open APIs to develop user applications or a web presence?

DS4 Does the solution support native or 3rd party tools that provide additional functionality to the product (e.g. document signing, workflow engines, etc.)? Please describe options and cost implications.

DS5 Does the solution allow an agency to customize the user interface for agency branding or other purposes? If so, please describe capabilities and limits for central administrators and users. Please describe how agency central administrators can enable or limit user customization of the user interface for their account.

DS6 Does solution offer a custom URL, subdomain, or other method to support agency branding in the URL for their use of the solution?

DS7 Does solution integrate with the following shared solutions: MS Exchange 2010 / MS Outlook 2010 (or later) e-mail? If so, include versions supported, for both on-premises and cloud based implementations.

DS8 Can files be previewed without downloading?

DS9 Please describe how solution is interoperable with the following file types such as Microsoft

Page | 4 15 May 2023

Page 5: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Office suite (Word, Project, PowerPoint, Excel, etc.), other common work product tools such as Acrobat and Notepad, or other file types (video, photo, etc.). Include versions supported.

Business Need: CENTRAL ACCOUNT ADMINDS10 Does solution have limits to the number of administrators per agency that are able to contact

vendor technical support?

DS11 Do administrators have ability to copy and/or irrevocably remove files/folders remotely from mobile devices where syncd?

DS12 Does the solution provide for one or more “super administrators” that can perform administration duties for multiple agencies if permitted by the agency?

Business Need: PUBLIC DISCLOSURE AND E-DISCOVERYDS13 Describe solution’s ability to support native or 3rd party search and/or e-discovery tools.

Please list all supported tools.

Business Need: IT SECURITYDS14 Most Washington state agencies are listed in one instance of Active Directory, called

Enterprise Active Directory (EAD). Consolidated Technology Services hosts EAD and a related ADFS instance. Approximately a dozen other agencies operate their own Active Directory instances, and several of these operate their own ADFS instance. Describe how the solution can integrate with more than one instance of ADFS so that employees of all such agencies can authenticate to the solution through a single sign-on experience.

DS15 Describe how agency users in Active Directory (the Enterprise instance or a single agency instance) can be bulk uploaded or established in the solution to save time, reduce errors, and avoid managing user login credentials on-premise and in the solution.

DS16 Describe how agency administrators recognized in Active Directory with their privileges and administrative hierarchy, can be automatically established in the solution as administrators with the same privileges. For example: Administrative privileges in the solution can be controlled by the membership of Active Directory group membership.

DS17 If the solution can provide certified file erasure/destruction, describe how it is accomplished.

DS18 Please describe solution’s ability to provide additional protection of sensitive customer data (i.e. multi-factor authentication, increased audit/access visibility, user group limitations, encryption, etc.).

DS19 Please describe solution’s ability to prevent sensitive data such as social security and credit

Page | 5 15 May 2023

Page 6: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

card numbers from being stored by the solution.

DS20 Please explain how agency administrators are alerted, or can determine using the solution’s logs, that the agency’s data is under attack or is experiencing suspicious activity.

DS21 List the certifications or audits the solution as successfully completed and achieved. These could include Federal Information Processing Standards (FIPS) 140-2, HIPAA, PCI, SSAE 16, ISO 27001/2, SOC 2, or others.

DS22 Describe solution’s ability to encrypt data at rest on the service and on devices. More points will be awarded to solutions that provide encryption internally to the solution, rather than depending on device or Operating System encryption methods

DS23 Can synced files be opened on a mobile device using other editors already installed on the device? Can this be restricted on an app and document level?

Business Need: RECORDS MANAGEMENTDS24 Describe any certifications for electronic record keeping standards the solution meets.

Examples: DOD 5015.2 or level 5 electronic record keeping, etc.

Business Need: ARCHITECTUREDS25 Describe the solution’s ability to scale to support 50,000 or more users for the state of


DS26 Is solution provided entirely by your firm or in partnership with one or more subcontractors? If subcontractors are involved, list them and identify which entity is responsible for delivering against the Service Level Agreement (SLA)?

DS27 Describe whether the solution runs on public cloud infrastructure (list owner), a hybrid model using public cloud and customer infrastructure, customer infrastructure (on-premise), some combination of the above, or other alternatives. For background, the Consolidated Technology Services agency (CTS) provides central computing, network, and security infrastructure for the state and may serve as a statewide focal point for on-premise or cloud-based services. All agencies access the Internet through a single CTS-managed access point.

For each alternative describe:

a) The underlying infrastructure the solution runs onb) The roles of the solution provider, state agencies, and/or CTSc) The hardware, software, networking, hosting, or staff support each agency or CTS

must provide to use the solution. Include limits on acceptable hardware or software choices

d) Other obligations or investments required of agencies or CTS

Higher points will be awarded to solutions that require lower agency or statewide effort, complexity, staff resources, or investments in hardware/software. Future contract awards may

Page | 6 15 May 2023

Page 7: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

pursue solutions with other criteria, including hybrid on on-premise solutions.

DS28 Please describe whether agencies will reside in separate “tenants” or domains in the solution or will share a tenant or domain.

DS29 Please describe the implementation solutions offered by the vendor to help new users start using the solution.

DS30 Is the solution accessible to authorized users worldwide?

DS31 Please describe solution’s performance-boosting techniques to improve the user experience, such as incremental backup, support for WAN acceleration, remote caching, compression, and throttling for network bandwidth and CPU cycles.

DS32 Please describe solution’s ability to scale infrastructure to meet future growth.

DS33 Describe solution’s ability to operate with other Technology Solutions that support mobility or collaboration such as Microsoft Lync, or other State systems of record (e.g. network file shares, SharePoint, content management systems, etc.)

DS34 How much scheduled and unscheduled downtime has been experienced by this solution during the past month, 6 months, year? Downtime is defined as time when the solution is unavailable to users.

DS35 Please describe vendor plan for efficient network routing to avoid service degradation during normal operations or as a result of either planned or unplanned maintenance.

Business Need: COSTDS36 Describe what is available to facilitate agency internal chargeback for solution expenses

(possible examples below) affiliating files/folders with projects, users, groups, or organizational entities customer-defined billing codes

DS37 Please describe options for enterprise licensing and pricing that may be of interest to the state. Examples could include seat based, capacity based, or a combination. Options affecting price could include storage amounts, file sizes, etc.

DS38 Please describe costs associated with one time purchases, subscription costs, maintenance, renewals and/or upgrades and associated limits on cost increases or changes over time.

DS39 Please describe the costs, if any, for approved individuals who are not employees of the agency to access the service to interact with files and collaborate with employees.

DS40 Please describe the options to support employee turnover by: enabling the agency to access user files and folders after the user/employee leaves

Page | 7 15 May 2023

Page 8: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

de-activating and retaining user accounts – describe cost implications

Business Need: VENDOR INFORMATIONDS41 Please list names of at least three customer references for the solution similar in size and

complexity to the state of Washington. (Be prepared to submit contact information for reference checks as required in subsequent stages of this procurement).

DS42 Please list up to three local, state or federal government customers. DS43 Please describe customer base of proposed solution, including market segmentation

(corporate, enterprise, government, etc.), and growth over past 3 years.

DS44 Indicate number of active customers for proposed solution in the following user-count ranges (e.g. 0-1000, 1001-5000, 5001-10000, above 10000)

DS45 Indicate how long proposed solution has been commercially available, and how long the firm has been in business.

DS46 Describe any business litigation, regulatory investigation or other proceeding involving your company over the last 5 years and current status?

DS47 Please describe the solution’s customer support model including but not limited to: Tiers of service Hours of service Methods of communication Committed response times to help requests

DS48 Describe frequency of previous and planned releases or product upgrades, and the customer notification process.

Page | 8 15 May 2023

Page 9: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Appendix E, Requirements and Pricing

RFQ 04113 - IT Funding and Financial Analysis

Demonstration InstructionsFor Live Demonstration and Interactive Discussion

In Round 2 the state will evaluate proposed solutions in part through live vendor demonstrations and interactive discussion with evaluators. This is an opportunity for vendors to demonstrate the features of their solutions and for evaluators to learn, verify understanding, assess value, and provide feedback.

A guest WiFi network, two wired Internet connections, and a ceiling mounted projector supporting VGA and HDMI connections will be available in the demonstration room for vendor use.

Laptops and supported mobile devices should be used when demonstrating the proposed solution. Part of the evaluation will be based on the user experience on the breadth of supported Windows, IOS, and Android devices.

State Business Needs and Demonstration Scoring :Vendors should demonstrate the proposed solution in the sequence of the six business needs outlined below. Each business need describes a government role or responsibility to manage state data, or a type of user of the proposed solution. Demonstration scoring will occur at the business need level - a score will be assigned for the demonstration of each business need. More points will be awarded to the vendor solution that provides more convenience, timeliness, ease of use, and capability to better satisfy each business need.

To assist vendors in demonstrating their solution, the instructions include additional information under each business need that: a) is important to the State, and b) provides a logical sequence to demonstrate how well a proposed solution satisfies the business need. This additional information should not be viewed as a list of individually scored requirements, or limit what the vendor can demonstrate.

This procurement includes the ability for evaluators to learn more about the Online File Storage market while evaluating proposals and demonstrations. If features of solutions are discovered that are valuable in meeting the state’s business needs that were not asked for in the procurement, the state reserves the right to incorporate these features into the procurement, determine if other solutions offer similar capabilities, and evaluate proposals accordingly.

Please keep in mind the state’s anticipated or discovered niche uses, or “Categories for Award”, for an Online File Storage Service in RFQQ section 10.6 when demonstrating the proposed solution.

Demonstration Scheduling and Duration:Round 2 vendor demonstrations will be scheduled according to RFP schedule. Vendors must complete the demonstration in 90 minutes. Then at the state’s sole discretion, evaluators may spend up to an additional 75 minutes with the vendor for interactive discussion, asking and answering clarifying questions, and backing up the discussion with demonstrations. The features demonstrated in one section need not be repeated unless additional information applies or questions arise.

Page | 9 15 May 2023

Kirk, Dave (OCIO), 08/01/13,
Check in final doc
Page 10: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Demonstration LocationAll bidder demonstrations will be held live, in person, at the following Olympia Washington address:

Office of the Chief Information Officer210 11th Ave SWGeneral Administration BuildingSuite 300Olympia, WA 98504-3113

Note: Drawing for when vendors are scheduledTime of demo - 8:30 – 11:30?

Page | 10 15 May 2023

Page 11: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Business Needs and Additional Information

User Experience Business Need: State employees and non-state individuals need to be able to quickly and easily store, find, access, update, share, synchronize, and delete up-to-date state records from offices and remote locations, on desktops and mobile devices. The purpose is to improve productivity and enable collaboration for geographically separated users, and allow users to securely share/access data where and when needed.

Please demonstrate how well the proposed solution meets the business need above. As part of the RFP evaluation, demonstrate how a user of the proposed solution would perform the steps in the life cycle of storing and using a document or file, including:

1. Installation and use of the proposed service on a local computer, in the cloud via browser, and mobile device/app

2. Upload files/folders individually and in bulk.*NOTE: Test files will be supplied prior to demo. 3. Set file owner options in granting and denying access and permission levels to state

employees and non-state individuals. This could include time limited downloads or permissions based on geographic location (geo-fencing), type of user device, or others.

4. Show current permission levels operating as established above. 5. Setup and show desired versioning for files / folders6. Search for a specific file to work on, including previewing without downloading7. File sync between local computer, cloud via browser, and mobile device/app8. Editing, annotating and syncing of changes for authorized users and devices9. Co-editing by multiple users, with or without downloading10. Show other features of solution promoting user collaboration or productivity 11. Download files/folders individually and in bulk.*NOTE: Several test files will be supplied on a

USB thumb drive to bidders just before the demonstration. Bidders must use these files for parts of the demonstration when requested. Otherwise, the bidder’s own files may be used.

12. Offline use – Ease of finding, editing, saving, syncing files on the device13. Ability of user to perform self-service backup, deletion, and restore upon accidental deletion

of files/folders14. Removal of Files from the service and devices where synced15. Show the types of help the solution provides to users to aid in effective use

Demonstrate any/all additional features of proposed solution that meets the User Experience business need.

Agency Central Account Administration Business Need: Agency administrators need to manage/log/monitor user accounts, user activity, and actions affecting agency records. The purpose is to enable agencies to manage and protect user accounts and agency records according to Washington’s Online file Storage Guidance document and supporting statutes and policies.

Please demonstrate how well the proposed solution meets the business need above.

Page | 11 15 May 2023

Page 12: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

As part of the RFP evaluation, demonstrate how an agency central account administrator of the proposed solution would perform their duties, including:

1. Service setup: a) Provision the accountb) Setup agency/hierarchy (agency, group, user, external users) and demonstrate ability to

make changes after initial setupc) Setup administrators and delegate administration functions across the defined hierarchy

and demonstrate ability to make changes after initial setupd) Establish policy and password requirements at appropriate levels in the hierarchye) Set policies that enable or restrict cross domain data sharing by users (internal and external

user populations).f) Perform onboarding and authenticationg) Create role based access to files and foldersh) Establish backup frequency for agency, or files/folders

2. Administering accounts, files, and folders:a) View a list of all users associated with the enterprise license for their hierarchy levelb) Push/update policies and show them operating as expected, such as enforcing password

strength (automated policy enforcement and compliance detection). Address silent deployment (users unaware of certain changes/actions)

c) Define whether individual files or folders can be shared and with whom. Address silent deployment (users unaware of certain changes/actions)

d) Define search functionality at varying levels across the hierarchy (i.e. can search within group but not at agency level, etc.)

e) Search for information, remove files from a user, user access to files/folders (retaining access by administrators if/as necessary) and irrevocably remove files/folders (including remotely from mobile devices)

f) Review information about linked devices associated with users and unlink devicesg) End a session, or delete content on device when needed, after multiple login failures, or

specified timeouth) Show how to backup, delete, and restore files and folders (on the service and synced

devices) i) Log and view logs of administrator, and user activityj) Log and view logs of file revision history. Show granularity of information contained (who

viewed, downloaded, forwarded, modified, synced, etc.)k) Delete and/or de-provision of account; this includes how data would be exported or

migrated to another account or another solution (on-premise or other service)

Demonstrate any/all additional features of proposed solution that meets the Agency Central Account Administration business need.

Public Disclosure and E-Discovery

Page | 12 15 May 2023

Page 13: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Business Need: Authorized employees are responsible to accurately find applicable information from across all agency accounts, folders, and files, including all versions and copies, on all locations and devices where stored; mark files of interest according to request, refine and conduct further searches, hold selected files to prevent changing or deleting, and retrieve selected files. The purpose is for agencies to comply with the requirements under the Public Records Act (RCW 42.56) and e-Discovery.

Please demonstrate how well the proposed solution meets the business need above. *NOTE: Test files will be supplied prior to demo for many of the items below. As part of the RFP evaluation, demonstrate how an agency public disclosure or e-Discovery officer of the proposed solution would perform their duties, including:

1. Search and Tag functionality such as:a. Use advanced search capabilities - on the online service and on other devices where

downloaded and/or synced. Use full-text (not limited to 256 characters), keyword, phrase, boolean logic, patterns,

and/or regular expressions (Regex) Drill-down (successively more detailed searches on result sets) Conduct concurrent searches (multiple users able to search/tag files) Conduct “federated” searches (users can search hierarchy levels simultaneously through

one query and view the results in a single integrated list)b. View highlighted search terms in result setc. Tag files for later review (as part of normal process, or if/as returned from search)d. Keep search queries and results confidential (silent); Users not informed/aware that

files/folders have been searched/retrieved/tagged/helde. Index information in the system based on full-textf. Add metadata (available for search) to filesg. Demonstrate that search does not alter metadatah. Support 3rd party discovery tools (i.e. e-discovery) that can be used to supplement

searching, review and production requirements. 2. Hold functionality such as:

a. Place a hold on files to prevent further deleting or changing – on the online service and on other devices where downloaded and/or synced.

b. View who has permission to place a file on hold.3. Retrieve functionality such as:

a. Retrieve selected or tagged files, versions and copies from the service and from other devices where data has been downloaded and/or synced.

b. Export / produce records for production, showing formats, tools, and connectors available.

Demonstrate any/all additional features of proposed solution that meets the Public Disclosure and e-Discovery business need.

IT Security Business Need: Agencies are responsible to protect state records from unauthorized access, disclosure, or modification in order to ensure the confidentiality, integrity, and availability of those records.

Page | 13 15 May 2023

Page 14: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Please demonstrate how well the proposed solution meets the business need above. As part of the RFP evaluation, demonstrate how an agency IT Security officer of the proposed solution would perform their duties, including:

1. Control and monitor vendor access to customer data2. Monitor activity / review logs to determine whether agency records are under attack or unusual

activity is occurring3. IP whitelisting4. Protect files / folders downloaded to mobile devices

Demonstrate any/all additional features (not previously demonstrated in a prior section) of proposed solution that meets the IT Security business need.

Records Management

Business Need: Authorized employees and users must be able to track, search, access, and retrieve records for the entire minimum required retention period, and then destroy or transfer records according to approved retention schedules. This applies to records (and including copies thereof) maintained in files and folders, formats, versions, locations, and devices where synced so that agencies can fulfill their responsibilities to retain and dispose of state records according to RCW 40.14.

Please demonstrate how well the proposed solution meets the business need above. As part of the RFP evaluation, demonstrate how an agency records manager of the proposed solution would perform their duties, including:

1. Setup and/or view expiry date or retention periods on files/folders. 2. Setting notifications for upcoming or expired retention periods3. Automating disposal/disposition of expired files

Demonstrate any/all additional features (not previously demonstrated in a prior section) of proposed solution that meets the Records Management business need.


Business Need: Agencies need a service that boosts performance in mobile and low bandwidth situations; operates well with authentication, mobile device management, collaboration, and data management technologies to improve employee productivity, ensure convenience/reliability of user login, and maintain security of state records on mobile devices.

Page | 14 15 May 2023

Page 15: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

Please demonstrate how well the proposed solution meets the business need above. As part of the RFP evaluation, demonstrate concerns an agency architect may have of the proposed solution, including:

1. Interoperability with collaboration tools such as Microsoft Lync and/or Sharepoint.2. Interoperability with Mobile Device Management solutions.


Business Need: Agencies seek attractive prices and good value for Online File Sharing services which meet state requirements and provide the greatest convenience, ease of use, and breadth of features. This may or may not translate into the lowest price, but does anticipate aggregated state purchasing volumes that a desirable service could attract.

The business goal of this procurement is to balance business enablement, ease of use, and collaborative capacity with the requirements to maintain control, visibility, and security of state records, at competitive prices.

Complete the section below to propose pricing for the state. Bidders must complete section #1 for consideration. Complete section #2 if your firm offers tiered discounts. Use the section to show how those would apply.

PROPOSED PRICING 1. Provide a whole cost price per user per month. If the evaluation team believes a proposal offers

negligible value, it reserves the right to make no award.

$ price Per user per month

This offer will be evaluated

Also provide tiered pricing to reflect further discounts offered at various participation levels

$ price Per user per month At _______________ User level

Page | 15 15 May 2023

Page 16: Online File Storage RFQQ - apps.des.wa.gov  · Web viewDescribe the solution’s implementation for high availability, backup, redundancy and disaster recovery. Describe the security

Online File Storage RFQQ

$ price Per user per month At _______________ User level$ price Per user per month At _______________ User level$ price Per user per month At _______________ User level

This offer will not be evaluated. Revise this table to reflect your own tiered discount offer.


Business Need: Agencies need reliable and capable partners. Please furnish four references that can attest to your capacity to provide reliable, secure services; meeting all the business needs identified. These references should be able to discuss direct use of the proposed services and functionalities.

Page | 16 15 May 2023